My team didn't fail -- the vendor did!

Summary

This article discusses how to respond when a third-party vendor experiences a data breach, leading to the exposure of a company's private data. It emphasizes the importance of having a tested Incident Response plan that covers third-party breaches and reviewing cyber insurance policies to ensure adequate coverage.

IFF Assessment

FOE

This article details a negative scenario where a third-party vendor's security failure leads to a data breach, negatively impacting the client company.

Defender Context

Defenders need to be aware of third-party risk, as vendor breaches can directly impact their organization's data and reputation. This highlights the critical need for robust vendor risk management programs and incident response plans that explicitly include third-party incidents.

Read Full Story →